FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
sgiannogloudis
Article Id 195134
Description
This article describes one way to identify degraded quality on VoIP traffic.

Solution
Capturing Packets.

As first step, identify and capture the affected traffic.
Usually, find the IP address of a phone and perform a packet capture on the FortiGate’s GUI build in mechanism is needed.
More information on how to capture traffic can be found on the Related Articles section of this KB.

Analyzing the Traffic.

When traffic is finally captured and opened via Wireshark, proceed with troubleshooting the RTP streams.
As next steps, select Telephony -> RTP -> RTP Streams.
Then, observe an output like:



As observed, there are 4 RTP streams, but the first and third one have almost 4% packet loss.
Select one of them and then select 'Analyze'.

After this step, a graph as the below image will be generated:



The important sections of the particular graph are the Jitter and the percentage of the expected and lost RTP packet.

Troubleshooting.

There are many factors which can contribute to this problem but from the FortiGate’s perspective we can verify two basic functions.

1)CPUs:
If CPUs are highly occupied on processing other traffic, then this will probably cause packet loss.
Verify the status of each individual CPU by issuing the command diagnose system mpstat while users are experiencing poor voice quality.

Here an example:





2) Physical Interfaces:

We need to also verify the drop counters of the interfaces involved on the particular traffic streams. By issuing the commands:
- fnsysctl ifconfig <port number>
- diagnose hardware deviceinfo nic <port number>

Related Articles

Troubleshooting Tip: Packet Capture on FortiOS GUI

Contributors